Hi, I think I'm being hit with a problem. For the last 3 days, around the same time I am getting big spikes in network usage on my server. I think someone's in there besides me.

How do I track this? I've checked my logs but haven't found anything. I might not be looking for the right stuff. Help!

linux/plesk 2.0

Well...

-Get a log analyzer and see if you're suddenly appearing on search engines/web sites (maybe the traffic is legit)
-Get Snort http://www.snort.org and see if you're getting nailed with attempted DOS attacks / Worms.
-Check /var/log/messages and /var/log/secure to see if someone is 'knocking on the door' trying to get in.
-Check your apache error_log (might be named differently) to see if you have a lot of failed attempts (this might be an indication of a Worm)

Dan